|
May 15 2002
|
(Microsoft Issues Fix) Microsoft Internet Explorer Cascading Style Sheets (CSS) Invalid Attribute Bug Lets Remote Users Read Portions of Files on the Victim's Computer
|
|
May 15 2002
|
Microsoft Internet Explorer (IE) Zone Spoofing Hole Lets Remote Users Create HTML That, When Loaded, May Run in a Less-Secure IE Security Zone
|
|
May 15 2002
|
Opera Browser Frame Location Bug Lets Remote Users Cause Arbitrary Javascript to Be Executed in the Incorrect Security Domain to Access Cookies and Other Sensitive Information
|
|
May 14 2002
|
NetPad Text Editing CGI Script Input Validation Flaws Let Remote Users View Files and Execute Shell Commands
|
|
May 10 2002
|
BEA Systems WebLogic Server Default Management Servlet Discloses the Contents of Files in Certain Subdirectories to Remote Users
|
|
May 10 2002
|
Critical Path inJoin Directory Server 'iCon' Web Administration Interface Discloses Files on the System to Authenticated Remote Users
|
|
May 9 2002
|
Yahoo! Messenger Client Discloses Buddy List Contents to Local Users
|
|
May 9 2002
|
Network Associates PGP 'Wipe Deleted Files' Option Fails to Wipe Clear Text Temporary Files Used by the Windows 2000 Encrypted File System Feature
|
|
May 8 2002
|
L.Y.S.I.A.S. Lidik Web Server for Microsoft Windows Systems Lets Remote Users View Files Located Anywhere on the Partition
|
|
May 6 2002
|
(Vendor Confirms and Offers Workaround) Re: Netscape Browser XMLHTTP Redirect Bug Lets Remote Users View Files on a User's Computer
|
|
May 4 2002
|
(Vendor Issues Fix) Re: Mozilla Browser XMLHTTP Redirect Bug Lets Remote Users View Files on a User's Computer
|
|
Apr 30 2002
|
Mozilla Browser XMLHTTP Redirect Bug Lets Remote Users View Files on a User's Computer
|
|
Apr 30 2002
|
Netscape Browser XMLHTTP Redirect Bug Lets Remote Users View Files on a User's Computer
|
|
Apr 30 2002
|
BEA Weblogic URL Parsing Flaw Lets Remote Users View .JSP Source Code or the Physical Installation Path and Cause Denial of Service Conditions
|
|
Apr 29 2002
|
SAP R/3 Default Installation Allows Remote Users to Access the Database Port and View, Write, and Modify Any SAP Data on the Server
|
|
Apr 25 2002
|
PHProjekt Groupware Has Multiple Flaws That Allow Remote Users to Gain Unauthorized Access, Make Changes to the Database, and View Files Located Anywhere on the System
|
|
Apr 24 2002
|
csMailto Perl-based Form Mail Script Input Validation Flaw Allows Remote Users to Execute Arbitrary Commands on the Server
|
|
Apr 23 2002
|
Intellisol Xpede Expense Reporting Software from WorkforceROI Has Multiple Flaws That Disclose Sensitive Information to Remote Users and Allow Remote Users to Make Administrative Changes
|
|
Apr 23 2002
|
Microsoft MSN Messenger Instant Messaging Client Discloses Buddy List to Local Users
|
|
Apr 22 2002
|
Lil' HTTP Server Discloses Files Located Outside of the Web Document Directory to Remote Users and Allows Remote Users to Conduct Cross-site Scripting Attacks Against Administrators
|
|
Apr 22 2002
|
(Another Related Vulnerability is Described) Re: Faq-O-Matic FAQ Management Application Allows Cross-Site Scripting Attacks
|
|
Apr 19 2002
|
Snitz Forums Input Validation Error Lets Remote Users Insert SQL Commands and View the Database Contents
|
|
Apr 18 2002
|
Linker Search Engine Software Has Input Validation Flaw That Lets Remote Users View Files on the System and Gain Administrative Access to the Search Engine
|
|
Apr 17 2002
|
Pipermail Mailing List Archive Software Directory Permission Flaw May Let Local Users View Private Mailing List Archive Contents
|
|
Apr 17 2002
|
Wiley Computer's CGI/Perl Cookbook FileSeek.cgi Script Lets Remote Users Execute Arbitrary Commands on the Server and View Files Located Anywhere on the Server
|
|
Apr 16 2002
|
(Vendor Issues Fix) Re: Lotus Notes API Lets Authorized Remote Users Obtain Unauthorized Access to Other User File Attachments
|
|
Apr 15 2002
|
AOL Instant Messenger (AIM) Chat Software May Disclose Buddy List Information to Local Users
|
|
Apr 12 2002
|
Multiple Vulnerabilities in IBM Informix Web DataBlade Let Remote Users Execute SQL Commands on the Server
|
|
Apr 9 2002
|
Sun Cluster Process (in.mond) Daemon May Let Remote Users Access System Logs and Configuration Data
|
|
Apr 9 2002
|
Microsoft Office Web Components Let Remote Users Gain Full Read and Write Control Over Another User's Clipboard, Even if Clipboard Access Via Scripts is Disabled
|
|
Apr 9 2002
|
Microsoft Office Web Components Let Remote Users Write Code to Run in the Victim's Local Security Domain and Access Local or Remote Files
|
|
Apr 9 2002
|
(Caldera Issues Fix for Open UNIX/UnixWare) Re: Caldera Distribution of XFree86 for OpenLinux Lets Local Users Access Shared Memory to Gain Elevated Privileges
|
|
Apr 8 2002
|
TYPSoft FTP Server Discloses Listing of Directory Contents for Any Directory on the Disk Drive
|
|
Apr 5 2002
|
EMU Webmail Server Discloses Files on the Server to Remote Users
|
|
Apr 4 2002
|
(HP Issues Additional Patches) HP/UX Release of Sendmail May Disclose Unauthorized Information to E-mail Users Under Certain Conditions
|
|
Apr 4 2002
|
Quik-Serv Web Server Discloses Arbitrary Files to Remote Users
|
|
Apr 4 2002
|
Oracle Configurator Filtering Holes Let Remote Users Conduct Cross-Site Scripting Attacks Against Configurator Users to Obtain Sensitive Information
|
|
Apr 3 2002
|
Cisco Secure Access Control Server Format String Bug Allows Remote Users to Execute Arbitrary Code with Administrator Privileges and Directory Traversal Bug Lets Remote Users View Files on the Server
|
|
Apr 3 2002
|
(Vendor Provides Guidance) Re: WWWIsis Search Engine CGI Allows Remote Users to Execute Commands and View Files on the System
|
|
Apr 2 2002
|
Microsoft Windows 2000 DCOM Implementation Flaw May Disclose Memory Contents to Remote Users
|
|
Apr 2 2002
|
Microsoft Internet Explorer Cascading Style Sheets (CSS) Invalid Attribute Bug Lets Remote Users Read Portions of Files on the Victim's Computer
|
|
Apr 2 2002
|
IBM AIX Parallel Systems Support Program (PSSP) Lets Local Users Access Sensitive Configuration Files
|
|
Apr 1 2002
|
(IBM Issues Fix) Re: Lotus Notes API Lets Authorized Remote Users Obtain Unauthorized Access to Other User File Attachments
|
|
Apr 1 2002
|
Caldera Distribution of XFree86 for OpenLinux Lets Local Users Access Shared Memory to Gain Elevated Privileges
|
|
Mar 29 2002
|
WWWIsis Search Engine CGI Allows Remote Users to Execute Commands and View Files on the System
|
|
Mar 28 2002
|
Citrix NFuse Publishing Server Lets Remote Authenticated Users View Files Located Outside of the Web Root Directory
|
|
Mar 27 2002
|
Microsoft Internet Explorer Discloses The Existence of and Details of Local Files to Remote Users
|
|
Mar 23 2002
|
(Vendor Issues Fix) Re: RealPlayer View Source Bug May Disclose Files to Other Users
|
|
Mar 22 2002
|
PCI NetSupport Manager Directory Traversal Flaw Lets Remote Users View Files Located Anywhere on the Managed Host
|
|
Mar 20 2002
|
(Vendor Issues Fix) Re: Lil' HTTP Server Discloses Files in Password Protected Directories on the Web Server to Remote Users
|
|
Mar 19 2002
|
Hosting Controller Web Hosting Software ASP Script Validation Bugs Let Remote Users Edit and Delete Any Files on the System, Giving the Remote Users Full Control of the System
|
|
Mar 15 2002
|
(SGI Issues Fix) Apache Web Server May Disclose Directory Contents Even If an Index.html File is Present in the Directory
|
|
Mar 13 2002
|
(Vendor Issues Fix) Re: Xerver Web Server Input Validation Flaw Lets Remote Users View Files on the Server and Error Handling Bug Lets Remote Users Crash the Web Service
|
|
Mar 13 2002
|
(FreeBSD Issues Fix) Netscape 4.76 Browser May Execute Arbitrary Javascript Code that Could Disclose Recently Visited Web URLs
|
|
Mar 12 2002
|
Php ImgList Image Gallery Script Discloses Files on the System to Remote Users
|
|
Mar 12 2002
|
CaupoShop Input Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks to Steal Customer Data (Including Credit Cards) and Manipulate the Items for Sale in the Store
|
|
Mar 11 2002
|
ALCATech's BPM Studio Pro Audio Mixer Discloses Files Located Anywhere on the System to Remote Users
|
|
Mar 11 2002
|
Pi3Web Web Server Discloses Protected Files within the System Web Document Directory to Remote Users
|
|
Mar 8 2002
|
Xerver Web Server Input Validation Flaw Lets Remote Users View Files on the Server and Error Handling Bug Lets Remote Users Crash the Web Service
|
|
Mar 7 2002
|
mIRC Chat Client Discloses User Nickname and Other Information to Remote Users via Direct Client-to-Client Protocol
|
|
Mar 5 2002
|
RealPlayer View Source Bug May Disclose Files to Other Users
|
|
Mar 5 2002
|
Endymion's Sake Mail Web Mail Java Servet Lets Remote Users View Files on the Server
|
|
Mar 5 2002
|
Endymion's MailMan Web Mail Server Lets Remote Users View Files on the Server
|
|
Mar 5 2002
|
Zope Web Application Content Server Proxy Role Error May Let Users Access Unauthorized Objects
|
|
Mar 5 2002
|
Tomcat Java Server Lets Malicious Java Servlets or JSP Pages Access Any File on the Server
|
|
Mar 3 2002
|
AeroMail Web Mail System Lets Remote Users Steal the Cookies of AeroMail Users and Lets Valid Remote Users Access Files on the AeroMail Server
|
|
Mar 1 2002
|
Cobalt RaQ4 System Management Software Lets Remote Users View Files on the System, Conduct Cross-Site Scripting Attacks, and Cause Denial of Service Conditions
|
|
Feb 27 2002
|
Cisco IOS-based Devices That Use Cisco Express Forwarding (CEF) May Leak Data from One Packet into Another Packet in Certain Situations
|
|
Feb 27 2002
|
Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
|
|
Feb 26 2002
|
Deerfield D2Gfx File Sharing System Lets Remote Users Traverse the Directory and View Files Located Anywhere on the System
|
|
Feb 26 2002
|
BadBlue Web Server Lets Remote Users Traverse the Directory and View Files Located Anywhere on the System
|
|
Feb 26 2002
|
(Vendor Issues Fix) Re: Essentia Web Server Discloses Files Located Anywhere on the System to Remote Users and Lets Remote Users Crash the Web Service
|
|
Feb 25 2002
|
ScriptEase Web Server Edition Sample Script (comment2.jse) Discloses Files Located Anywhere on the Server to Remote Users
|
|
Feb 22 2002
|
Microsoft XML Core Services in SQL Server 2000 Lets Remote Scripts Access and Send Local Files
|
|
Feb 22 2002
|
Microsoft XML Core Services in Microsoft Windows XP Operating System Lets Remote Scripts Access and Send Local Files
|
